Описание
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made.
Отчет
- Red Hat Ceph Storage (RHCS) 3 and 4 are affected by this vulnerability. Note: although this issue affects the RadosGW S3 API, it does not affect the Swift API.
- Red Hat Openshift Container Storage( RHOCS) 4.2 is affected by this flaw. However, because RHOCS 4.2 is now in the Maintenance Phase of support, this issue is not currently planned to be addressed in future updates.
- Red Hat OpenStack Platform (RHOSP) 13 is not affected by this flaw because RHOSP 13 only ships the ceph client libraries and does not build server code.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 2 | ceph | Out of support scope | ||
| Red Hat Enterprise Linux 8 | ceph | Not affected | ||
| Red Hat Openshift Container Storage 4 | ceph | Will not fix | ||
| Red Hat OpenStack Platform 13 (Queens) | ceph | Not affected | ||
| Red Hat OpenStack Platform 15 (Stein) | ceph | Out of support scope | ||
| Red Hat Ceph Storage 3.3 | ceph | Fixed | RHSA-2020:3504 | 18.08.2020 |
| Red Hat Ceph Storage 3.3 | ceph-ansible | Fixed | RHSA-2020:3504 | 18.08.2020 |
| Red Hat Ceph Storage 3.3 | nfs-ganesha | Fixed | RHSA-2020:3504 | 18.08.2020 |
| Red Hat Ceph Storage 3 for Ubuntu | Fixed | RHSA-2020:3505 | 18.08.2020 | |
| Red Hat Ceph Storage 4.1 | ceph | Fixed | RHSA-2020:3003 | 20.07.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.4 Medium
CVSS3
Связанные уязвимости
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...
EPSS
5.4 Medium
CVSS3